Russian-speaking threat actors in the BlackEnergy APT group have been using malicious Excel and PowerPoint files to spread the group's malware since last year but Kaspersky's Global Research and Analysis Team Director Costin Raiu claimed this was the first time Word documents have been used, according to a Jan. 28 blog post.

Last week, researchers at ESET detected a new wave of cyberattacks on power plants that were based on a freely-available open-source backdoor which is “something no one would expect from an alleged state-sponsored malware operator," ESET researchers said in a Jan. 20 security post.

The BlackEnergy APT group has been actively targeting energy, government and media in Ukraine, and industrial controls systems supervisory control and data acquisition (ICS/SCADA) and energy companies worldwide.

Get SC Media delivered to your inbox

Whitepaper of the Day

Newswire

Buzz

I would like to receive relevant information via email from Haymarket Media.

SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.